To turn off ModSecurity in Plesk, you can follow these steps:

1. Log in to your Plesk control panel: Access your Plesk control panel by entering the appropriate URL and credentials.
2. Navigate to the Web Application Firewall (ModSecurity) settings: The location of this option may vary depending on your Plesk version and theme. Generally, you can find it under the Tools & Settings section or within the Security group. If you don’t see the option, you may need to install the ModSecurity component through the Add/Remove Components or Updates and Upgrades section.
3. Disable ModSecurity server-wide: If you want to turn off ModSecurity for the entire server, check the server-level configuration file. Typically, it is located at /etc/httpd/conf/plesk.conf.d/server.conf. Ensure that ModSecurity rules are switched off in this file.
4. Disable ModSecurity for a specific domain: If you want to disable ModSecurity for a specific domain, follow these steps: a. In Plesk, go to the “Domains” section and select the domain you want to manage. b. Look for the option related to Web Application Firewall (ModSecurity) settings for the selected domain. This can usually be found under the specific domain’s settings or configuration. c. In the “Switch off security rules” section, specify the rule IDs, tags, or regular expressions related to the ModSecurity rules that you want to disable. This will prevent those specific rules from being enforced for the chosen domain. Save the changes.
5. Apply the changes and restart services if necessary: After disabling ModSecurity either server-wide or for a specific domain, apply the changes and restart the web server service (e.g., Apache or Nginx) to ensure that the modifications take effect.

Get this, ModSecurity is a valuable security tool that helps protect web applications from various threats. Disabling it should be done with caution and only for specific reasons.

Before turning off ModSecurity, consider the potential impact on the security of your applications and ensure that you have appropriate security measures in place to mitigate any risks.